Distribution of digitally signed electronic documents is expanding into channels connecting an ever-evolving array of electronic devices that receive, send, generate and validate electronic documents. When a signed electronic document is received by an electronic device, the electronic signature on the received document may require validation, and the document may be checked for authenticity. An electronic signature may include a digest or hash of the signed document. The electronic signature itself may be encrypted (e.g., a public-key infrastructure (PKI)—based electronic signature). The electronic signature can be examined to make sure that it is cryptographically valid, and that every component forming the signature is genuine. The document can be tested to determine whether or not its integrity has been compromised.
A software application running on a desktop computer may be configured to manage digital signature verification for documents managed by that application. For example, a copy of Adobe® Acrobat® installed on a desktop computer may be capable of managing signature validation, digital signing, and encryption and decryption of PDF documents. Public-key encryption, digital signing, decryption and signature verification all involve CPU-intensive processes, such as executing asymmetric cryptographic functions used in public-key encryption. Since digital signature validation must be performed frequently, the efficiency of the process is important.
Validating digitally signed electronic documents can require transmission of an extensive file, like an encrypted copy of a large signed electronic document, across a network to a server, or to another device participating in the signature validation. The efficient exchange of such large files may demand substantial bandwidth.
Adequate throughput of signature validation can thus necessitate both substantial processing power and significant bandwidth capacity, as well as the presence of elaborate software applications such as Adobe® Acrobat® and Microsoft® Word® to manage the signature validation process.
A desktop computer or other device may be relieved of some of the burden of validating a digitally signed electronic document by communicating with a central validation or verification server equipped for high-speed validation processing, where the validation server performs the validation and notifies the desktop computer or other device of the results.
New classes of devices are now receiving, sending, generating and validating digitally signed electronic documents, including mobile phones, tablet computers, light-capacity laptops, and other machines whose processing power, storage capacity, software potential, and transmission bandwidth may be significantly less than what is found on traditional equipment such as desktop computers. Even with the aid of a high-powered signature validation server, such lightweight devices may not be capable of validating digitally signed electronic documents with adequate speed. In particular, they may not be able to speedily transmit large files, including encryptions of signed electronic documents, across a network.